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AMENDMENTS TO THE CLAIMS: 




This listing of claims will replace all prior versions, and listings, of claims in the 
application: 



WHAT IS CLAIMED IS : 

1. (Currently Amended) A nA computer/network interface device comprising: 
a first interface for receiving data from a first zone in a first zone data format; 
means for processing said received data through performance of a cryptographic 



operation on at least a portion thereof; 

a second interface for sending said processed data to a second zone in a second 
zone data format; and 

means arranged to pass said processed data exclusively from said processing 
means to said second interface. 

2. (Currently Amended) An A computer/network interface device as claimed 
in claim 1 further comprising: 

means arranged to convert said received data in said first zone data format into at 
least one data format other than said first zone data format prior to said data processing. 

3. (Currently Amended) A nA computer/network interface device as 
claimed in claim 1 further comprising: 
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means arranged to transform the data format of said received data from said first 
zone at least twice prior to said data processing. 

4. (Currently Amended) A nA computer/network interface device as 
claimed in claim 1 in which said first zone data format is packetised packetized data, said 
device further comprising: 

means for reading at least one item of identification data from each packet; 
wherein said processing means is arranged to process each respective packet in 
dependence on the-ereach corresponding item of identification data. 

5. (Currently Amended) A ftA computer/network interface device as claimed 
in claim 4 further comprising: 

a store for storing one or more rules, each rule being linked with at least one of 
item of identification data; wherein 

said processing means is arranged to process each packet in dependence upon the 
rule linked with the corresponding item(s) of identification data. 

6. (Currently Amended) A nA computer/network interface device as 
claimed in claim 1 wherein one of the first and second interfaces is suitable for connection 
to a host such that the data format 4*tifee dutilized by such a connected interface is one 
utilise d utilized by the host. 
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7. (Currently Amended) A ftA computer/network interface device as claimed 
in claim 5, wherein one of the first and second interfaces is suitable for connection to a 
host such that the data format utilise d utilized by such a connected interface is one 
utilis e d utilized by the host in which, in response to receiving at least one control packet 
including at least an item of control identification data and control instructions through 
the interface not connected to the host and reading said item of control identification data 
from a control packet, said processing means is arranged to change said rules in said store 
in dependence upon said corresponding control instructions. 

8. (Currently Amended) A fiA computer/network interface device comprising: 
a first interface for receiving data from a first authori s e d au thori zed party in a first 

data format; 

means for processing said received data through performance of a computational 
operation on at least a portion thereof; 

a second interface for sending said processed data to a second 
authori sed authorized party in a second data format; 

means arranged to pass said processed data exclusively from said processing 
means to said second interface; 

wherein said operation performed by said processing means is such that if said 
sent processed data is intercepted by an unauthorised unauthorized party, the recovery of 
said received data from said processed data is computationally unfeasible. 
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9. (Currently Amended) A method of operating a na computer/network 
interface device comprising: 

receiving data at a first interface from a first zone in a first zone data format; 

processing said received data through performance of a cryptographic operation on 
at least a portion thereof; 

passing said processed data exclusively from said processing means to a second 
interface; and 

sending said processed data from said second interface to a second zone in a 
second zone data format. 

10. (Currently Amended) A method of operating a na computer/network 
interface device as claimed in claim 9 further comprising: 

converting said received data in said first zone data format into at least one further 
data format prior to said processing. 

1 1 . (Currently Amended) A method of operating a m computer/network 
interface device as claimed in claim 9 further comprising transforming the data format of 
said received data from said first zone at least twice prior to said processing. 

12. (Currently Amended) A method of operating an a computer/network 
interface device comprising: 
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receiving data at a first interface from a first authorised authorized party in a first 
data format; 

processing said received data through performance of a computational operation 
on at least a portion thereof; 

passing said processed data exclusively to a second interface; 

sending said processed data from said second interface to a second 
authorise d authorized party in a second data format; 

wherein said performance of said computational operation is such that if said sent 
processed data is intercepted by an unauthorise d unauthorized party, the recovery of said 
received data from said processed data is computationally unfeasible. 

13. (New) A computer/network interface device comprising: 

a first port for communication with said computer using a computer data format; 

a second port for communication with said network using a network data format; 

means for processing data received from at least one of said ports through 
performance of a cryptographic operation on at least a portion of said received data; and 

means arranged to pass said processed data exclusively from said means for 
processing to the other of said ports. 

14. (New) A computer/network interface device as in claim 13 further 
comprising: 
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means arranged to convert said received data in either said computer data format 
or said network data format into at least one data format other than said computer data 
format or network data format prior to said data processing. 

15. (New) A computer/network interface device as in claim 13 further 
comprising: 

means arranged to transform the data format of said received data from said 
computer data format or network data format at least twice prior to said data processing. 

16. (New) A computer/network interface device as in claim 13 in which said 
computer data format or network data format is packetized data, said device further 
comprising: 

means for reading at least one item of identification data from each packet; 
wherein said processing means is arranged to process each respective packet in 
dependence on each corresponding item of identification data. 

17. (New) A computer/network interface device as in claim 16 further 
comprising: 

a store for storing one or more rules, each rule being linked with at least one of 
item of identification data; 

wherein said processing means is arranged to process each packet in dependence 
upon the rule linked with the corresponding item(s) of identification data. 
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18. (New) A computer/network interface device as in claim 17 in which, in 
response to receiving at least one control packet including at least an item of control 
identification data and control instructions through said second port and reading said item 
of control identification data from a control packet, said processing means is arranged to 
change said rules in said store in dependence upon said corresponding control 
instructions. 

19. (New) A computer/network interface device comprising: 

a first port for receiving data from a first authorized party in a computer data 
format; 

a second port for sending processed data to a second authorized party in a 
network data format; 

means for processing data received from at least one of said ports through 
performance of a computational operation on at least a portion of said received data; and 

means arranged to pass said processed data exclusively from said processing 
means to the other of said ports; 

wherein said operation performed by said processing means is such that if said 
sent processed data is intercepted by an unauthorized party, the recovery of said received 
data from said processed data is computationally unfeasible. 

20. (New) A method of operating a computer/network interface device 
comprising: 
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receiving data at a first port from a first authorized party in a computer data 
format; 

processing said received computer data through performance of a cryptographic 
operation on at least a portion thereof; 

passing said processed data exclusively from said processing means to a second 
port; and 

sending said processed data from said second port to a second authorized party in 
a network data format. 

21. (New) A method of operating a computer/network interface device as in 
claim 20 further comprising: 

converting said received data in said computer data format into at least one further 
data format prior to said processing. 

22. (New) A method of operating a computer/network interface device as in 
claim 20 further comprising transforming the data format of said received data from said 
first authorized party at least twice prior to said processing. 

23. (New) A method of operating a computer/network interface device 
comprising: 

receiving data at a first port from a first authorized party in a computer data 
format; 
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processing said received data through performance of a computational operation 
on at least a portion thereof; 

passing said processed data exclusively to a second port; 

sending said processed data from said second port to a second authorized party in 
a network data format; 

wherein said performance of said computational operation is such that if said sent 
processed data is intercepted by an unauthorized party, the recovery of said received data 
from said processed data is computationally unfeasible. 
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